Talks and Poster Presentations (with Proceedings-Entry):

P. Steinbacher, F. Fankhauser, C. Schanes, T. Grechenig:
"Work in progress: Black-Box approach for testing quality of service in case of security incidents on the example of a SIP-based VoIP service.";
Talk: Principles, Systems and Applications of IP Telecommunications (IPTComm'10), München, Deutschland; 08-02-2010 - 08-03-2010; in: "Proceedings of IPTComm 2010 Principles, Systems and Applications of IP Telecommunications", Technische Universität München, Germany, (2010), ISSN: 1868-2642; 107 - 116.

English abstract:
One of the main security ob jectives for systems connected
to the Internet which provide services like Voice over Inter-
net Protocol (VoIP) is to ensure robustness against security
attacks to fulfill Quality of Service (QoS). To avoid system
failures during attacks service providers have to integrate
countermeasures which have to be tested. This work evalu-
ates a test approach to determine the efficiency of counter-
measures to fulfill QoS for Session Initiation Protocol (SIP)
based VoIP systems even under attack. The main ob jective
of the approach is the evaluation of service availability of a
System Under Test (SUT) during security attacks, e.g., De-
nial of Service (DoS) attacks. Therefore, a simulated system
load based on QoS requirements is combined with different
security attacks. The observation of the system is based
on black-box testing. By monitoring quality metrics of SIP
transactions the behavior of the system is measurable. The
concept was realized as a prototype and was evaluated using
different VoIP systems. For this, multiple security attacks
are integrated to the testing scenarios. The outcome showed
that the concept provides sound test results, which reflect
the behavior of SIP systems availability under various at-
tacks. Thus, security problems can be found and QoS for
SIP-based VoIP communication under attack can be pre-

Security, Verification, Reliability, Performance

Created from the Publication Database of the Vienna University of Technology.